SE Practice CCIE Lab
V1.0
SE Practice
CCIE Lab
Cisco Systems Internal Use Only
1
SE Practice CCIE Lab
V1.0
Physical Layout
Diagram 1
The following topology is the router subset of the SE demo lab toplogy. These
routers are physically connected together as shown. Be aware that Dopey is acting
as a frame-relay switch on his serial ports AND has routed Ethernet interfaces.
FDDI
Dual
Ring
Sleepy
DLCI 100
Grumpy
S 2/0
E 0/1
E 0/0
DLCI 101
S0
E 0/2
S1
Frame
Relay
Dopey
E0
E1
E0
Shorn-2511
Cisco Systems Internal Use Only
2
SE Practice CCIE Lab
V1.0
Comm Server Setup
Diagram 2
IP Address: 171.68.62.87
E0
Comm Server
Shorn-2511
Line 2
Grumpy
Line 4
Line 3
Sleepy
Dopey
Cisco Systems Internal Use Only
3
SE Practice CCIE Lab
V1.0
Routing Topology
Diagram 3
Area 1
FDDI
Dual
Ring
Sleepy
OSPF Backbone Area
Grumpy
EIGRP
S 2/0
E 0/1
S0
E0
E 0/2
E 0/0
Frame
Relay
S1
Dopey
E1
Area 2
Area 3
IGRP
E0
Lab 1
Communications Server Setup / Network Connections
Cisco Systems Internal Use Only
4
SE Practice CCIE Lab
V1.0
 The Communications Server is cabled as shown on the
previous diagram.
 Communication Server port 2 is connected to a 7000
(Grumpy).
 Communication Server port 3 is connected to a 4500 (Dopey).
 Communication Server port 4 is connected to a 4700 (Sleepy)
 Configure the Communications Server so that when you type
the name of a router on the Server you are connected to the
console port of that respective router.
TIME: 30 minutes
Cisco Systems Internal Use Only
5
SE Practice CCIE Lab
V1.0
Lab 2
IP Routing Configuration
The objective of this lab is to configure OSPF/IGRP/EIGRP/BGP
in different parts of the network and to redistribute routing
information. In the working setup all routers should see every route
and should be able to ping any interface in the network. Do NOT
configure static routes to accomplish this.
Topology and Basic IP Setup
You will be using the CLASS B network 172.17.0.0 with the 3’rd octet
set to 59. Thus all your addresses should look like 172.17.59.X
Do not use static routes for IP on any router.
2.1 Configure Dopey as a frame relay switch:


DLCI 100 goes to Sleepy.
DLCI 101 goes to Grumpy.
TIME: 30 minutes
2.2 Configure IP across the Frame Relay network:


Use a 28 bit subnet mask.
Confirm connectivity across the Frame Relay network by pinging
from Grumpy to Sleepy.
TIME: 30 minutes
2.3 Configure IP across the remaining interfaces:
 Configure Grumpy Ethernet 0/0 to IP address 171.68.62.93 with a
26 bit subnet mask.
Cisco Systems Internal Use Only
6
SE Practice CCIE Lab
V1.0

Subnet Ethernet 0/1 on Grumpy such that it has 6 host
addresses.
 Subnet the Ethernet that connects Grumpy and Dopey using a
30 bit subnet mask.

Subnet Dopey ‘s Ethernet 1 such that it has 14 host addresses.

Subnet the Sleepy’s FDDI ring such that it has 2 hosts.

Verify that you have basic IP setup by pinging the local interfaces
that you have just configured.
TIME: 45 minutes
2.4 Configure OSPF on your network as per Diagram 3.
 Configure OSPF on Grumpy, Dopey, and Sleepy. Refer to Diagram 3
for area designations.
 Ensure that Grumpy can ping Sleepy’s FDDI interface and Dopey’s
Ethernet 1 interface. Also ensure that Sleepy can ping Dopey’s
Ethernet 1 interface.
TIME: 45 minutes
IGRP Configuration and Redistribution
2.5 Configure IGRP on your network as per Diagram 3.
 Configure IGRP on Shorn’s Ethernet 0 and Grumpy’s Ethernet 0/0.
 Make sure that these are the ONLY interfaces that are advertising
IGRP.
 Redistribute OSPF into IGRP on Grumpy.
 Verify that Shorn can ping all interfaces in the OSPF domain.
TIME: 45 minutes
EIGRP Configuration and Redistribution
2.6 Configure EIGRP on your network as per Diagram 3.
 Configure EIGRP on Grumpy’s Ethernet 0/1.
 Make sure that this is the ONLY interface that is advertising EIGRP.
Cisco Systems Internal Use Only
7
SE Practice CCIE Lab
V1.0
 Redistribute OSPF into EIGRP and EIGRP into OSPF.


Redistribute the connected interface Ethernet 0/1 into OSPF and
IGRP.
Verify that Sleepy and Shorn can ping Grumpy’s Ethernet 0/1.
2
TIME: 30 minutes
BGP Configuration
2.7 Configure BGP on Dopey and Grumpy:

Dopey and Grumpy should have different autonomous system
numbers.
 Configure 3 loopback interface on Dopey using the network
addresses 150.100.0.0, 160.100.0.0, and 170.100.0.0.
 Configure BGP between Dopey and Grumpy such that Grumpy
sees all three loopbacks configured on Dopey.
 A “show ip bgp” on Grumpy should show the three routes
advertised by Dopey.
TIME: 30 minutes
2.8 BGP Route Filter
 Configure a filter on Grumpy such that the only route now seen on
Grumpy is 150.100.0.0.
TIME: 15 minutes
IP FIREWALL
2.7 Configure an inbound access-list on Dopey’s Ethernet 0 interface
that satisfies the following criterion:


Telnet sessions are permitted only if originated from Shorn’s ethernet
interface subnet.
FTP sessions are permitted only if established from Dopey’s Ethernet
1 subnet.
Cisco Systems Internal Use Only
8
SE Practice CCIE Lab
V1.0





TFTP is permitted both ways allowed.
SMTP is not allowed.
WWW is not allowed.
PING is permitted from everywhere.
Confirm access to the network after applying the access list. Ping
Dopey’s Ethernet 1 from Sleepy. Also show a telnet to Dopey from
Grumpy fails.
TIME: 30 minutes
Cisco Systems Internal Use Only
9
SE Practice CCIE Lab
V1.0
Lab 3
Appletalk Routing Configuration
3.1
Appletalk configuration:
 Configure all ports for appletalk. Use different cable ranges and
zones on each interface.
 Configure EIGRP for appletalk across the frame-relay network.
TIME: 45 minutes
3.2
Appletalk filter:
 Configure a filter on Grumpy such that Dopey only sees routes and
zones from Shorn.
TIME: 45 minutes
Lab 4
Decnet Routing Configuration
4.1
Decnet configuration:
 Enable Decnet routing on all routers.



Configure Dopey’s ethernets to be in a separate DECnet area from
the rest of the routers.
Verify connectivity between all routers by checking that the
appropriate DEC areas/nodes appear in all routes.
Verify that you can DEC ping from any router to any other router.
TIME: 45 minutes
Cisco Systems Internal Use Only
10
SE Practice CCIE Lab
V1.0
Lab 5
IPX Routing Configuration
5.1
IPX configuration:
 Enable IPX routing on all routers.
 Configure all ports for IPX.



Configure IPX EIGRP across the frame-relay network.
Verify that all routes appear in each router.
Verify that you can IPX ping from any router to any other router.
TIME: 45 minutes
5.2
IPX SAP configuration and filter:
 Configure two static SAPs on Dopey.
 Verify that these two SAPs appear in Grumpy’s SAP table.
 Configure a filter on Grumpy such that it can see only one of the
static SAPs.
 Verify that Grumpy can now only see one of Dopey’s static SAPs in
his SAP table.
TIME: 45 minutes
5.3
IPX route filter:
 Configure a filter on Sleepy such that the only IPX routes it sees
are Dopey’s ethernets.
 Verify that only these two routes appear in Sleepy’s route table.
TIME: 30 minutes
Lab 6
DLSw Configuration
6.1
DLSw configuration:
Cisco Systems Internal Use Only
11
SE Practice CCIE Lab
V1.0
 Configure DLSw between Dopey’s ethernet 1 and Grumpy’s

ethernet 0/1.
Verify that the DLSw peers are in the connected state.
TIME: 20 minutes
6.2
DLSw port exclusion:
 Configure transparent bridging between Grumpy’s ethernet 0/0 and

ethernet 0/1.
Configure DLSw such that there is connectivity between Dopey’s
ethernet 1 and Grumpy’s ethernet 0/1, but NOT between Dopey’s
ethernet 1 and Grumpy’s ethernet 0/0.
TIME: 20 minutes
6.3
DLSw protocol filter:
 Configure a filter such that the only protocol that is transported via

DLSw is NetBIOS.
Apply this filter to the DLSw remote peer statement on Dopey.
TIME: 20 minutes
6.4 DLSw mac filter:
*
Change the DLSw configuration such that Grumpy informs all his
peers that the only mac address that Grumpy can reach is
4000.3725.0101.
 Verify that your configuration is correct by checking the peer
capabilities.
TIME: 20 minutes
Cisco Systems Internal Use Only
12